diff options
| author | Christian Poessinger <christian@poessinger.com> | 2021-07-03 21:54:29 +0200 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2021-07-03 21:54:29 +0200 |
| commit | e30668287ad07c48b49586db39b477748cba3e7b (patch) | |
| tree | 6ddcc0d2a0a6ee3498f873741c9a82b487a332f4 /src | |
| parent | 034b58596cd514d10a0d4eb134cfa7282eeca8b1 (diff) | |
| download | vyos-1x-e30668287ad07c48b49586db39b477748cba3e7b.tar.gz vyos-1x-e30668287ad07c48b49586db39b477748cba3e7b.zip | |
Revert "ipsec: T2816: drop duplicate dict key "data" from generate()"
This reverts commit fb1802111155b52c9d63a079e18127de76033678.
Diffstat (limited to 'src')
| -rwxr-xr-x | src/conf_mode/vpn_ipsec.py | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/src/conf_mode/vpn_ipsec.py b/src/conf_mode/vpn_ipsec.py index ffef317ba..d1b29ee9a 100755 --- a/src/conf_mode/vpn_ipsec.py +++ b/src/conf_mode/vpn_ipsec.py @@ -316,7 +316,8 @@ def generate(ipsec): with open(DHCP_HOOK_IFLIST, 'w') as f: f.write(" ".join(ipsec['dhcp_no_address'].values())) - ipsec['rsa_local_key'] = verify_rsa_local_key(ipsec) + data = ipsec + data['rsa_local_key'] = verify_rsa_local_key(ipsec) for path in [swanctl_dir, CERT_PATH, CA_PATH, CRL_PATH]: if not os.path.exists(path): @@ -325,7 +326,7 @@ def generate(ipsec): if not os.path.exists(KEY_PATH): os.mkdir(KEY_PATH, mode=0o700) - if 'site_to_site' in ipsec and 'peer' in ipsec['site_to_site']: + if 'site_to_site' in data and 'peer' in data['site_to_site']: for peer, peer_conf in ipsec['site_to_site']['peer'].items(): if peer in ipsec['dhcp_no_address']: continue @@ -339,7 +340,7 @@ def generate(ipsec): elif 'dhcp_interface' in peer_conf: local_ip = get_dhcp_address(peer_conf['dhcp_interface']) - ipsec['site_to_site']['peer'][peer]['local_address'] = local_ip + data['site_to_site']['peer'][peer]['local_address'] = local_ip if 'tunnel' in peer_conf: for tunnel, tunnel_conf in peer_conf['tunnel'].items(): @@ -358,13 +359,13 @@ def generate(ipsec): if local_net.overlaps(remote_net): passthrough.append(local_prefix) - ipsec['site_to_site']['peer'][peer]['tunnel'][tunnel]['passthrough'] = passthrough + data['site_to_site']['peer'][peer]['tunnel'][tunnel]['passthrough'] = passthrough - render(ipsec_conf, 'ipsec/ipsec.conf.tmpl', ipsec) - render(ipsec_secrets, 'ipsec/ipsec.secrets.tmpl', ipsec) - render(interface_conf, 'ipsec/interfaces_use.conf.tmpl', ipsec) - render(swanctl_conf, 'ipsec/swanctl.conf.tmpl', ipsec) + render(ipsec_conf, 'ipsec/ipsec.conf.tmpl', data) + render(ipsec_secrets, 'ipsec/ipsec.secrets.tmpl', data) + render(interface_conf, 'ipsec/interfaces_use.conf.tmpl', data) + render(swanctl_conf, 'ipsec/swanctl.conf.tmpl', data) def resync_l2tp(ipsec): if ipsec and not ipsec['l2tp_exists']: |